Domain > pay.withqikserve.us

More information on this domain is in AlienVault OTX

DNS Resolutions

Date	IP Address
2023-08-25	104.26.1.134 (ClassC)
2025-11-24	172.67.69.107 (ClassC)

HTTP/1.1 200 OKDate: Mon, 24 Nov 2025 07:34:50 GMTContent-Type: text/html; charsetUTF-8Transfer-Encoding: chunkedConnection: keep-aliveServer: cloudflareNel: {report_to:cf-nel,success_fraction:0.0,max_age:604800}expires: Thu, 19 Nov 1981 08:52:00 GMTCache-Control: no-store, no-cache, must-revalidatepragma: no-cachevary: Accept-EncodingReport-To: {group:cf-nel,max_age:604800,endpoints:{url:https://a.nel.cloudflare.com/report/v4?sKTeAgYSpNUAJnlqeEBHTku4ne3OhOayJDVqPNohIka%2BsQ9YZOmr6y6VUm1WP6VKIS6NfkGf710d%2B2Z9jVuhnpSaXDjiwdBEt8Ockyqz%2F%2FKpvXA%3D%3D}}content-security-policy: frame-ancestors self https://*.withqikserve.com https://*.withqikserve.us https://*.devwithqikserve.com;cf-cache-status: DYNAMICSet-Cookie: PHPSESSID5cc8f953b571acd1d487744b4ccd7fec; HttpOnly; SameSiteNone; Secure; Path/CF-RAY: 9a3739e4fadfd106-PDX

!doctype html>html langen>head>meta charsetutf-8/>link relicon hreffavicon.ico/>meta http-equivPragma contentno-cache/>meta http-equivcache-control contentno-cache, no-store, must-revalidate/>meta nameviewport contentwidthdevice-width,heightdevice-height,user-scalableno,initial-scale1,maximum-scale1/>meta nametheme-color content#fff/>meta nameapple-mobile-web-app-status-bar-style content#fff>meta namemsapplication-navbutton-color content#fff>meta namedescription contentQikPay/>link relapple-touch-icon hreflogo192.png/>link relmanifest hrefmanifest.json/>link relpreconnect hrefhttps://fonts.gstatic.com>link relstylesheet hrefhttps://fonts.googleapis.com/css2?familyRoboto:wght@300;400;500;700&displayswap>title>Pay Now/title>script>window._PREO_DATA  {_CDNROOT:https:\/\/cdn.withqikserve.us\/,_CDNHOST_IMAGE:https:\/\/preo2.gumlet.io\/,_SESSION:5cc8f953b571acd1d487744b4ccd7fec,_SESSION_PATH:null,_GOOGLE_ANALYTICS_TRACKING_ID:G-ZD81BDKC9G,_PERMALINK:null,_SENTRY_ENVIRONMENT:prod,_SENTRY_PROJECT_KEY:https:\/\/bdc44dfbeb7a4bf89809bf144693c0e9@o124673.ingest.sentry.io\/5784966,_QIKORDER_HANDHELD_URL:https:\/\/handheld.withqikserve.us\/,_QIKORDER_URL:https:\/\/tab.withqikserve.us\/,_COMPONENTS_URL:https:\/\/ui.withqikserve.us\/,_PREO_ENVIRONMENT:PROD}/script>script>(function() {        // This is a hotfix to get the `orderId` and redirect to the correct route        // with the hash because the redirect in the PHP side loses the hash        // in safari browsers when having the nginx as a reverse proxy        function getQueryParams(params, url) {          var QUERY_STRING_REGEXP  new RegExp(?& + params + (^&#*), i);          var queryString  QUERY_STRING_REGEXP.exec(url);          return queryString ? queryString1 : null;        };        function removeQueryParams(param) {          if (window.URLSearchParams) {            var queryParams  new URLSearchParams(window.location.search);            queryParams.delete(param);            var newUrl  window.location.pathname;            if (queryParams.toString().length > 0) {              newUrl  newUrl + ? + queryParams.toString();            }            window.history.replaceState(null, null, newUrl);          }        }        var orderId  getQueryParams(orderId, window.location.href);        if (orderId) {          // We execute the removeQueryParams method before defining a hash,          // so the hash is not overwritten          removeQueryParams(orderId);          window.location.hash  order/ + orderId;        }      }());/script>/head>body>noscript>You need to enable JavaScript to run this app./noscript>div classqikpay viewport-height idroot aria-livepolite aria-relevantall>/div>script deferdefer src/static/js/main.9bc6123122f5659d09f1.js>/script>/body>/html>

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > pay.withqikserve.us

Is this malicious?

DNS Resolutions

Port 80

Port 443